ccSvcHst.exe idle memory usage is higher in Endpoint Protection 14.2 RU1 than previous versions
Last Updated May 15, 2019
After upgrading to Symantec Endpoint Protection (SEP) 14.2 RU1, an increase is observed in the amount of memory being used by the SYSTEM instance of ccSvcHst.exe at idle.
SEP 14.2 RU1
This is expected. In 14.2 RU1 changes were made to ccSvcHst to reduce CPU utilization, lower disk I/O and increase battery life while a system is idle. The result is a higher working set of memory for the SYSTEM instance of ccSvcHst.exe. There is no performance impact or system requirement changes related to this change in behavior. The increase in memory usage only occurs at idle. If memory usage on the machine increases, then the working set for ccSvcHst will be reduced.
A registry key can be set to return ccSvcHst to pre-14.2 RU1 behavior.